package com.xiaow.springsecuriydemo.expression;

import com.xiaow.springsecuriydemo.vo.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * @ClassName MyExpressionRoot
 * @Author xiaow
 * @DATE 2022/9/16 20:44
 **/
//自定义的权限比对器
@Component("ex")
public class MyExpressionRoot {
    public boolean hasAuthority(String authority) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> perms = loginUser.getPerms();
//        判断是否存在权限
        return perms.contains(authority);
    }
}
